InformacjeRegulaminPrywatnośćKontakt
 
Aktualizowanie
GRC Engineer

GRC Engineer

Opublikowany: 2026-03-05
© Ayoub Fandi
GRC Engineer - QR Code
20 Episodes
Audio
Posłuchaj w Apple Podcasts
20 Episodes
Audio
Posłuchaj w Apple Podcasts
Opublikowany: 2026-03-05
© Ayoub Fandi
Najnowszy odcinek
AIUC-1: The First Compliance Framework for AI Agents w/ Rajiv from AIUC and Danny from Schellman

AIUC-1: The First Compliance Framework for AI Agents w/ Rajiv from AIUC and Danny from Schellman

Every compliance framework you know was built for deterministic systems. AI agents are not deterministic. That's why AIUC-1 was born.In this episode, I sit down with Danny from Schellman and Rajiv Dattani, co-founder of AIUC, to break down the first com
Czas: 46:21
Every compliance framework you know was built for deterministic systems. AI agents are not deterministic. That's why AIUC-1 was born.In this episode, I sit down with Danny from Schellman and Rajiv Dattani, co-founder of AIUC, to break down the first compliance framework purpose-built for AI agents. We cover the six pillars (data & privacy, security, safety, reliability, accountability, societal risks), how the technical testing works with thousands of adversarial simulations, and why tying it to insurance through Lloyd's of London changes the incentive structure for the entire audit market.Key takeaways:- AIUC-1 bridges the gap between governance frameworks (ISO 42001) and technical testing- You can't commoditize it: you either pass thousands of adversarial scans or you don't- Quarterly updates keep the framework current with the fast-moving AI threat landscape- Insurance-backed testing means the tester has skin in the game- The 100-page audit report replaces ~70% of your vendor questionnaire back-and-forth- Three evidence types: adversarial testing, technical controls (code review), and policies- Internal agents emphasize security/data privacy; external agents emphasize safety---CHAPTERS:00:00 Introduction & Guest Intros01:55 Why a New Framework for AI Agents?04:06 Why Schellman Partnered with AIUC08:06 Quarterly Updates & The Consortium Model09:29 The Five Principles Driving AIUC-111:36 The Six Pillars: Data, Security, Safety, Reliability, Accountability, Societal12:38 What You Get: 100-Page Report + Certification14:22 How Testing Works: Thousands of Adversarial Simulations16:12 Testing Stochastic Systems: The Entropy Problem17:05 The Insurance Innovation: From Benjamin Franklin to AI Safety20:39 Lloyd's of London & Synthetic Loss Data21:36 Aligning Incentives Through Insurance23:56 How Enterprises Use AIUC-1: Buyers vs Builders26:06 Deterministic vs Stochastic: The Compliance Challenge29:05 SOC 2 vs ISO 42001 vs AIUC-1 Positioning30:51 Threat Modeling Meets Compliance35:10 Traditional Security Controls & AI-Specific Risks38:11 GRC Engineering & Agentic Auditing42:18 The Hardest Challenge: Articulating Technical Testing44:46 Closing Thoughts------CONNECT WITH GRC ENGINEER:Newsletter: https://grcengineer.com/subscribeLinkedIn: https://linkedin.com/in/ayoubfandiWebsite: https://grcengineer.comCONNECT WITH DANNY:LinkedIn: https://www.linkedin.com/in/danny-manimbo-2b199718/CONNECT WITH RAJIV DATTANI:LinkedIn: https://linkedin.com/in/rajivdattani---#GRC #cybersecurity #compliance #AIagents #AIUC1 #ISO42001 #GRCEngineering
Kod odcinka: 1000753346303
GUID: c3c5ae90-e2f3-4b48-823e-ece2a9a1c9e1
Data wydania: 5.03.2026, 13:30:00

Opis

The podcast for practitioners applying systems thinking and engineering principles to GRC.
We speak with GRC leaders, security engineers and practitioners transforming legacy GRC through automation, orchestration, and architectural thinking.
Learn how to design scalable systems, build better workflows and solve coordination challenges.
GRC Engineering works everywhere: from spreadsheets to enterprise platforms, AI startups to Fortune 500s. It also works for you!
Hosted by Ayoub Fandi, founder of GRC Engineer, co-author of the GRC Engineering manifesto and leading GRC Engineering at GitLab.

Apple Podcasts: Opinie

Brak wpisu